MarioBartolome / Jenkins-pRCE-exploit
Jenkins pre-auth RCE exploit. More info at https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266 https://blog.orange.tw/2019/02/abusing-meta-programming-for-unauthenticated-rce.html
☆10Updated 6 years ago
Alternatives and similar repositories for Jenkins-pRCE-exploit:
Users that are interested in Jenkins-pRCE-exploit are comparing it to the libraries listed below
- JavaScript functions intended to be used as an XSS payload against a WordPress admin account.☆54Updated 4 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- ☆14Updated 4 years ago
- Local File Inclusion Burp-Suite Intruder Payload Generator Plugin☆39Updated 4 years ago
- A Burp Suite extension for headless, unattended scanning.☆36Updated 4 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Updated 4 years ago
- ☆26Updated 2 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆39Updated 4 years ago
- ☆48Updated 4 years ago
- ☆15Updated 3 years ago
- Vulnerable webapp testbed☆20Updated 8 years ago
- Python script to give you subsets of the nmap "top-ports". For example, I want the 10th to 100th most common TCP ports. Spits out a comma…☆17Updated 5 years ago
- Use normal web pentest tools to hack Websockets☆18Updated 5 years ago
- ☆22Updated 3 years ago
- Some Buffer Overflow Automation Scripts I'll be using between PWK labs and Exam!☆19Updated 4 years ago
- Extract subdomains from rapiddns.io☆23Updated 2 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆35Updated 10 months ago
- This is the Go Server that relays all HTTP requests and responses between clients.☆27Updated last year
- Scanner for Cross-Site WebSocket Hijacking☆42Updated 4 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆47Updated 4 years ago
- Lab that will help you to understand how type juggling vulnerability works.☆22Updated 4 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆76Updated 4 years ago
- Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets☆43Updated 2 years ago
- HTTP requests of FrontPage expolit☆25Updated 11 years ago
- Just a simple SMTP server, implementation of @corpix smtpd library☆14Updated 4 years ago
- Burp Suite extension to discover assets from HTTP response.☆16Updated 3 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- A list of "secrets" from JWT sample code and readme files.☆54Updated 4 years ago
- ☆14Updated 5 years ago